DEV Community

Cover image for A new way to use hadolint 🐳
Benjamin Rancourt
Benjamin Rancourt

Posted on • Originally published at benjaminrancourt.ca on

A new way to use hadolint 🐳

Some times ago, we started a new project at work and we wanted to add a GitLab CI pipeline for continuous integration.

As we were using Docker, we wanted to lint our Dockerfile automatically to make sure we were following best practices. We therefore sought to add a tool that we were using in other projects: hadolint.

What is hadolint?

hadolint is a linter that helps us build better Docker images. It uses your Dockerfiles to check over 50 rules and can even validate your Bash commandes with ShellCheck. 🐚

You can check at their GitHub repository to find an (incomplete) list of implemented rules. Rules prefixed by DL come from hadolint and rules prefixed by SC come from ShellCheck.

How to add it to your .gitlab-ci.yml file?

As I was looking to see if any new features were been added since the last time I checked, I was pleasantly surprised to see that the maintainers and contributors added a new way to use the tool by providing the recipe to use in GitLab:

# To update hadolint/hadolint version
# https://hub.docker.com/r/hadolint/hadolint/tags?page=1&ordering=last_updated
lint:hadolint:
  image: hadolint/hadolint:v1.19.0-45-gef91156-alpine
  only:
    refs:
      - branches
    variables:
      - $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
  script: hadolint Dockerfile
  stage: tests
Enter fullscreen mode Exit fullscreen mode
A slightly modified recipe to use in GitLab CI

Personally, I found this way cleaner than running the docker run --rm -i hadolint/hadolint < Dockerfile command, so I decide to write this little post to celebrate this new functionality and to share this awesome tool around me. πŸ₯³

lint:hadolint:
  script: docker run --rm -i hadolint/hadolint < Dockerfile
  stage: tests
Enter fullscreen mode Exit fullscreen mode
Our old way to use hadolint

Do you know any other hidden gems like this that we should use? πŸ’Ž

PS. They even released a Web tool if you want to lint your Dockerfiles in your navigator! πŸ₯°

Top comments (1)

Collapse
 
camelcaseguy profile image
Shubhendra Singh Chauhan

Hey @ranb2002 πŸ‘‹
There is also a Docker analyzer by DeepSource which lets you continuously analyze dockerfiles for issues and also helps you automatically fix most of them.
Do give it a try, and let me know your thoughts! 😊
It is free to use for Open-Source projects.